Simple Pricing
Start Free • Scale as You Grow
Get instant answers from your documents with privacy and compliance built in.
Start Free (14 days) → Sandbox ($29) → Starter ($199) → Team ($999) → Enterprise ($20k+)
No hidden fees. No token markup. Pay your cloud directly for usage.
Governed Tiers • Safe Upgrades
From sandbox to enterprise — safely. Monotonic upgrades. No downgrade chaos.
Start free for 14 days, then scale governance controls as you grow.
Sandbox
Strictly limited 14-day trial. Single approved model. See governance controls in action before committing.
- 1 Developer Seat (Strictly Limited)
- 50 Test Documents Max
- Single Approved AI Model
- AWS Provider (Sandbox Default)
- Basic Audit Logs (7 days)
- Hard Budget Limits Enforced
- Governance Dashboard Preview
- No Credit Card Required
Starter
Small teams who need AI with basic governance controls. Audit logs, budget limits, and usage visibility.
- Up to 5 Team Members
- 100 Production Documents
- AWS Provider
- 30-Day Audit Log Retention
- Hard Budget Limits Enforced
- Basic Governance Dashboard
- Email Support (Business Hours)
- Monotonic Tier Upgrades
Team
Full governance dashboard for CTOs, CISOs, CFOs. RBAC, policy enforcement, and compliance-ready logs.
- Up to 40 Team Members
- 2,000 Documents Indexed
- Full Governance Dashboard
- Advanced Team Governance Controls
- 90-Day Audit Log Retention
- SIEM-ready Audit Logs (stdout/webhook)
- Budget Quotas & Usage Alerts
- Priority Support (4-hour SLA)
Enterprise
Complete policy profiles (Healthcare, Legal, Fintech). Evidence bundles, legal hold, custom compliance frameworks.
- Unlimited Scale (Contracted)
- Industry Policy Profiles
- Evidence Bundles (Tamper-Evident)
- Legal Hold & Retention Controls
- Advanced RBAC + SSO/SAML (limited flow support)
- Multi-Cloud + On-Prem Options
- SOC 2 / HIPAA / NIST Ready
- 24/7 Support + Dedicated CSM
Custom
Custom policy frameworks, dedicated engineering, white-glove compliance migration. Built for your exact needs.
- Everything in Enterprise
- Custom Compliance Frameworks
- Dedicated Engineering Squad
- Private Cloud / Air-Gapped Deploy
- Custom Governance Workflows
- Executive Training & Onboarding
- White-Glove Migration Service
Available Add-ons (Contracted / Planned)
Note: Subscription covers the ConvoAI software only. You retain full ownership and pay your cloud provider directly for infrastructure costs (AWS/GCP/Azure) and AI model usage fees. No markup.
Complete Feature Matrix
Enterprise-grade feature comparison across all plans. Every feature is enforceable, auditable, and lock-safe.
| Feature | Sandbox $29/mo | Starter $199/mo | Popular Team $999/mo | Enterprise $20k+/mo | Custom Contractual |
|---|---|---|---|---|---|
| 1. Identity, Users & Access Control | |||||
| Named Users (Base) | 1 | 5 | Contracted | Contracted | |
| Max Users (Absolute) | 1 | 5 | 40 | Unlimited (Contracted) | |
| User Add-ons | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| Hard-cap Enforcement | |||||
| RBAC (Role-based Access) | Advanced | ||||
| Multiple Admins | |||||
| Per-user Audit Trail | Contracted / Planned | ||||
| SSO (SAML / OIDC) | Limited Flow | ||||
| SCIM Provisioning | |||||
| User Deactivation on Downgrade | |||||
| 2. Workspaces, Environments & Tenancy | |||||
| Workspaces | 1 | Multiple | Multiple | Multiple | |
| Dev / Prod Separation | |||||
| Per-workspace Policies | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| Cross-workspace Governance | |||||
| Tenant Isolation (Hard) | |||||
| Workspace-level Cloud Selection | |||||
| 3. Files, Documents & Data Ingestion | |||||
| Active Indexed Files (Base) | 50 | 100 | Contracted | Contracted | |
| File Add-ons | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| File Size Limits | Strict | Moderate | Custom | Custom | |
| Manual Upload | |||||
| Scheduled Ingestion | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| Multi-source Ingestion | |||||
| Cloud Storage Connectors | Contracted / Planned | Contracted / Planned | Contracted / Planned | Contracted / Planned | |
| Document Lifecycle Policies | |||||
| PII / PHI Tagging (Assisted) | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| 4. RAG Pipelines & Retrieval | |||||
| RAG Pipelines | 1 | Multiple | Multiple | Multiple | |
| Retrieval Depth Control | |||||
| Reranking | |||||
| Graph RAG / Multi-hop | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| Query Class Policies | |||||
| Custom Retrieval Strategies | Contracted | Contracted | |||
| Provenance (Source Citations) | Basic | Full | Full | Full | |
| 5. Queries, Usage & Quotas | |||||
| Monthly Query Quota (Base) | Low | Medium | Contracted | Contracted | |
| Query Add-ons | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| Hard Quota Enforcement | |||||
| Soft Warnings | |||||
| Per-workspace Quotas | |||||
| Fail-closed Behavior | |||||
| Query Throttling | Contracted / Planned | Contracted / Planned | |||
| 6. Cloud Adapters (Execution Backends) | |||||
| Supported Clouds | 1 | 1 | 2 | 3 | |
| AWS Adapter | |||||
| GCP Adapter | Contracted / Planned | Contracted / Planned | |||
| Azure Adapter | Contracted / Planned | Contracted / Planned | |||
| Adapter Add-ons | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| Per-workspace Adapter Choice | |||||
| Assume-role / Short-lived Creds | |||||
| Adapter-level Cost Visibility | Basic | Full | Full | Full | |
| 7. Models & Execution Control | |||||
| Model Selection | Fixed | Multiple | Multiple | Multiple | |
| Rule-based Routing | |||||
| Cost-aware Routing | |||||
| Retry Policies | Fixed | Configurable | Advanced | Advanced | |
| Execution Limits | Strict | Configurable | Advanced | Advanced | |
| 8. Observability, Logs & Audit | |||||
| Request Logs | Basic | Detailed | Full | Full | |
| Correlation IDs | |||||
| Log Retention (Base) | Short | Medium | Long | Long | |
| Retention Add-ons | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| CSV Export | |||||
| SIEM-ready Logs | stdout/webhook | SIEM-ready logs* | |||
| Immutable Usage Ledger | |||||
| 9. Security & Compliance | |||||
| Encryption at Rest & Transit | |||||
| Secure Defaults | |||||
| SOC 2 Alignment Support | |||||
| NIST AI RMF Mapping | |||||
| HIPAA Readiness | Contracted | Contracted | |||
| GDPR Support | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| Audit Evidence Export | |||||
| 10. Support, SLA & Services | |||||
| Support Channel | Priority Email | SLA | SLA | ||
| Incident Notifications | |||||
| Named Account Contact | |||||
| Architecture Reviews | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| Cost Optimization Reviews | Contracted / Planned | Contracted / Planned | Contracted / Planned | ||
| Custom Development | |||||
* SIEM-ready means structured audit logs via stdout/webhook patterns. Native vendor-specific adapters are not exposed as tenant-configurable features.
Built for Regulated Industries
ConvoAI helps organizations in healthcare, legal, real estate, and finance adopt AI with policy profiles, fail-closed enforcement, audited retention, and evidence exports.
Healthcare
Healthcare profile enforcement is now regulated and fail-closed, with structured retrieval boundaries and audit-backed evidence exports.
- ✓Regulated profile requires structured retrieval
- ✓PHI/SPII patterns sanitized before output
- ✓Audit events emitted on allow and deny paths
- ✓Evidence bundle includes control map for reviews
Legal
Legal profile enforcement adds strict policy boundaries with centralized sanitization, traceable output handling, and evidentiary audit records.
- ✓Regulated profile enforces structured retrieval
- ✓Citations and excerpts pass output sanitization
- ✓Subject references are hashed in audit payloads
- ✓Control-map based evidence exports are available
Real Estate
Real-estate profile enforcement now benefits from the same non-bypassable exposure pipeline, with scoped retrieval and sanitized output.
- ✓Allowed subject types are policy-defined
- ✓Lease and property identifiers are sanitized
- ✓Org-scoped retrieval and deny-path auditing
- ✓Retention and evidence export controls are enforced
Fintech
Fintech profile enforcement is regulated by default with strict subject scoping, identifier sanitization, and auditable runtime controls.
- ✓Regulated profile requires structured retrieval
- ✓Account, loan, and routing identifiers are sanitized
- ✓SIEM-ready audit logs via structured stdout/webhook patterns
- ✓Tiered limits and hard caps enforced pre-ingestion
Frequently Asked Questions
Ready to take control of your AI?
Start with a safe Proof of Value or contact us for enterprise governance.